I'm having problems reporting spam through pyzor with spamassassin -r. I'm
running SA 3.0.2 with amavisd-new and pyzor (1:0.4.0+cvs20030201-4),
razor2 (2.670) from Debian (Sid) packages, DCC (from source). Reporting
with razor and DCC works fine, it's just pyzor which isn't.
The output of spamassa
Just a quick note that the SARE whitelist rules file has been updated.
Documentation available at http://www.rulesemporium.com/rules.htm
The purpose of this rules file is to use the whitelist_from_rcvd to
avoid false positives for services that we know do not send out spam.
It's suitable for use
From: "jdow" <[EMAIL PROTECTED]>
> From: "Robert Menschel" <[EMAIL PROTECTED]>
>
> > Hello jdow,
> >
> > Friday, May 6, 2005, 4:21:49 AM, you wrote:
> >
> > j> From: "Cialis $89, Soma $59, Viagra $69" <[EMAIL PROTECTED]>
> >
> > j> Guess what? It passes right through all the tests because the
>...
>
>Ok, right on! I fixed the trusted_networks thing, and check this out!
>
>BTW, the jerks are using another domain.. for a new "division." my god,
>CAN-SPAM is a piece of crap. How the *hell* did it get passed? Ugh.
>
>At least it's getting plonked now. And with that, off to KFC I go...
>
>
>...
>
>I'm starting to see references in messages that look like this:
>
>www.achat-montre-rolex.net./
>
>
>Of course, it's not really a valid URL, but then the spam gets through
>too. Is it possible to strip excess garbage ( . / ) off the end of the
>domain before processing it?
>
>Running SpamAs
>...
>
>List Mail User wrote:
>
>
>> JohnS,
>>
>> As many of the regulars on this list can tell you, I *hate* spam
>>as much as nearly anyone here; But... Mike is absolutely correct, what
>>they have done is "slimely", but is not for most purposes "spam" (IANAL).
>>It is UCE (unsolicite
List Mail User wrote:
To NOT be "spam" and be *cough* condoned UCE, it must
1) Tell you that you're going to get it when you sign up; or
1a) Send you a notification that you are now being signed up for it.
(Southwestern Bell doesn't seem to do this either, btw. They created a
new list and sig
> Do I:
>
YOu have pointed out a key several times, but seemingly missed it.
These people are amatuers and newbies to the web. Quite possibly they are
doing this whole thing themselves from a "web foe dummies" book. Almost
certainly they got the idea of a web site from some customer suggesting
>>[old material snipped]
>>
>http://www.spamlaws.com/federal/108s877.shtml
>
>Point 1) - "Tell you that you're going to get it when you sign up"
The "standard out" for this is a clause like "and you agree to the
terms referenced on our standard policies page" - which includes a clause
s
> Then there's the other problem: rawbody rules seem to act on a
> line-by-line basis,
Yes. By design. :-( (Which I consider broken design.)
so you can look for /href=h$/ or /^ttp/ but not
> /href=h\nttp/
I'm pretty sure (but not positive) that the rawbody rule might have been
hitting in this
Seems Spammers have found a way to evade the URI checks
the domain coolestrxever.com is listed in multi.surbl.org. But the
spammers managed to to evade the URI checks by appending special
charaters at the end of the url which are happily allowed by the browsers.
The spam that I recieved had
http
On Saturday 07 May 2005 07:40, Rakesh wrote:
> Seems Spammers have found a way to evade the URI checks
>
> the domain coolestrxever.com is listed in multi.surbl.org. But the
> spammers managed to to evade the URI checks by appending special
> charaters at the end of the url which are happily allowe
On Friday, May 6, 2005, 3:23:56 PM, John Stewart wrote:
> I upgraded just the other day (at which point I suspect I broke something)
> as I saw on a site somewhere that 2.6.3 was vulnerable to a DOS attack. I
> upgraded to 2.6.4 for SA, and 0.25 for SpamCopURI
> Grepping through my messages file,
Hey,
Every so often I see the following message in my maillogs:
May 7 04:17:06 prime dccproc[35486]: sendto(dcc.dcc-servers.net
(132.206.27.31,6277)): Socket is already connected
is it harmless? A sign of a "stuck" dcc connection? Is there some way to
quell it?
-Dan
--
"What's with the serve
M>-Original Message-
M>From: Rakesh [mailto:[EMAIL PROTECTED]
M>Sent: 07 May 2005 07:41
M>To: [EMAIL PROTECTED]; users@spamassassin.apache.org
M>Subject: Way to evade URI checks
M>
M>Seems Spammers have found a way to evade the URI checks
M>
M>the domain coolestrxever.com is listed in mult
Hi all. Got a question. I've got a couple addresses I monitor for mail
that only get like 1-2 legitimate mails out of every thousand or so, but I
need those emails, but at the same time I'd like to either raise the values
on inbound mail to just those addresses so that they score higher, or l
I *think* what you are asking is, of you get mail to [EMAIL PROTECTED]
you want it to be biased upward a bit, but mail to [EMAIL PROTECTED]
won't be?
There is no convenient way you can multiply the spam scores to get them to
hit harder on some accounts. But you can pretty trivially apply a fixed
Rakesh wrote:
Content preview: Seems Spammers have found a way to evade the URI
checks the domain coolestrxever.com is listed in multi.surbl.org. But
the spammers managed to to evade the URI checks by appending special
charaters at the end of the url which are happily allowed by the
br
Greetings,
I am seeing some SpamAssassin eMail messages flagged as SPAM.
That's probably not unusual, given the nature of our discussions and
especially because we quote actual SPAM examples within our messages.
I know that someone is going to say, "whitelist" ...
The settings for my profile includ
I'm still torn on whether to show up for my appointment at 1pm. I think
just
because I was treated with contempt by the person I spoke to earlier, I
don't want to give them my money...
Absolutely not. Vote with your wallet.
David Gibbs wrote:
> May 6 17:50:38 linux spamd[3396]: error: Insecure dependency in eval
> while running setuid at
> /usr/lib/perl5/site_perl/5.8.0/Mail/SpamAssassin/PerMsgStatus.pm line
> 1958, line 57._ Transport endpoint is not connected, continuing
I ran spamd in debug mode for a while, hop
I'm finally getting around to actually cleaning my inbox and I find I appear
to be on a couple of e-mail lists that I don't recall signing up for, nor do
the contents of the messages score high enough to be kicked out, so I
thought I'd check here to see if anyone else knows of them.
One in particu
On 5/6/05, List Mail User <[EMAIL PROTECTED]> wrote:
> Again, there is an unfortunate exception provided by Sec 3.17
> which allows "Transactional or relationship message-" and in particular
> clause A.iii.I specifically allows "notification concerning a change in
> the terms or features of
Just a quick note that the SARE subject rules and obfuscation rules
have been updated. Documentation available at
http://www.rulesemporium.com/rules.htm
Note: Many of the subject rules were testing for obfuscations within
the subject headings. These have been moved to the obfuscation rules
files
24 matches
Mail list logo
